The Audit - Presented by IT Audit Labs

Printing the Future: Navigating Cybersecurity in 3D Printing

IT Audit Labs Season 1 Episode 36

How exposed are your 3D printing operations to cyber threats? Is the intellectual property involved in 3D printing at risk, and can 3D printers themselves become targets for hackers?  
 
As 3D printing technology becomes more integrated into various industries, its cybersecurity implications cannot be ignored. This episode sheds light on the exciting world of 3D printing, focusing on its potential for innovation while addressing the significant cybersecurity challenges it faces. 

We'll explore: 

• The basics of 3D printing technology and its cybersecurity implications. 

• Protecting intellectual property in the realm of 3D printing. 

• The vulnerabilities of 3D printers to hacking and how to safeguard them. 

• Strategies for securing 3D printing operations against cyber threats. 

• Real-world examples of cybersecurity breaches in 3D printing. 

Whether you're a cybersecurity professional, a 3D printing enthusiast, or someone interested in the intersection of technology and security, this episode offers valuable insights into protecting your 3D printing projects.   

Speaker 1:

Hello, my name is Joshua Schmidt. I'm the producer of the audit presented by IT Audit Labs. Today we're joined by Eric Brown and Nick Mellum to talk with our guest, matt Starland, about 3D printing and some of the potential risks and rewards through the lens of Infosec. Thanks for joining us. Please like, share and follow the podcast for thoughtful conversations and a deeper look into the world of cybersecurity. Today we are joined by Eric Brown, nick Mellum and Matt Starland, and Matt's here today to talk about things 3D printing, all things 3D printed related. We're going to get into some of the risks and rewards and talk about the intersection of 3D printers and cybersecurity and what's on the horizon. So, matt, if you could kick it off and give us a little background, we had a game night at IT Audit Labs a few weeks back and you had brought your 3D printer in, which kind of spurred this conversation. So maybe you could give us a little background on what got you interested in 3D printing and maybe some of the things you've made and materials and all that good stuff.

Speaker 2:

Sure, thanks for having me on again. I appreciate always joining with you guys here and talking all fun things, technology and other geek things like 3D printing here. So yeah, I got into 3D printing probably about two and a half years ago. A lot of this is spurred by, I would say, my kind of technology, engineering, architecting mindset of just being able to build, create things or find solutions to problems, and so you know what are some of those problems that exist Maybe around your house. You have a broken handle on some proprietary device, or even some product you bought that doesn't have an appropriate carrying handle or mechanism for it to be able to hang on a wall, just different solutions like that, and so, I don't know, there's just an endless amount of possibilities that you can fix things with, and so I think that's kind of what really got me interested in it, and you know it's also kind of saving money because you can find your own solutions to problems that might exist around the house or just in general in life.

Speaker 3:

I ran into that myself recently where we bought a set of dominoes to play Mexican train but we didn't have the holders and we got the Buddymine Ryan Dyrud Prince it off the holders to play because you want to kind of hide the dominoes that you have. It's pretty cool, right, Because otherwise you'd have to go out and try to find a set of those holders, which nowadays isn't hard to do because a lot of people print them and sell them on Amazon and such. But to be able to just rip them out to play the game that night is pretty cool.

Speaker 1:

Yeah, I just bought Hero Quest, which is a $100 board game with a lot of little trinkets and little chach keys that used to play. I can see my kids losing those or getting a handle on those and misplacing them somewhere. Matt, are there any other solutions or problems? Do you find yourself looking for problems that you can solve with your 3D printer?

Speaker 2:

Yeah, for example here some of them are very minor. I don't know if those of you out there that might have UB keys I believe a previous podcast episode there was that we talked and gotten to security keys, fido2 keys, and they're really small, about a couple inches long and only maybe a quarter of an inch thick, for example. It's hard to keep in a wallet, or maybe you can keep it maybe in your backpack, but they've got a little hole in it too. You could maybe hook it out to a lanyard, but I wanted to keep it in my wallet but it's just not a very I don't know. It's the shape. It's an odd shape for a wallet. Right, exactly, it's the shape for a wallet. And so I'm like, well, there's got to be a better way to store this securely in my wallet so it doesn't slip out and fits in with all the other credit cards or other plastic cards to purchase things. And so what I did is I designed a little plastic holder here about the size of a credit card that the UB key can slide into, and then it's just easier to slide in and out of the wallet. So there's nothing I can even think of out there on the market where I could go to a Target or a Walmart and find something as simple and basic as this but saves time and a headache of maybe losing it in my wallet or falling out accidentally.

Speaker 2:

Had another friend here that has an airplane and they have a little lip on the concrete slab that they store their airplane in and needed some kind of a ramp to help push the airplane small two-seater airplane into their hanger. And instead of trying to figure out and cut up a piece of wood and get all the angles right and doing that kind of maybe more manual hand tool process, I was able to design a honeycomb style ramp like that to meet the size of the lip on the concrete slab and made it out of these honeycombs to not waste material but still maintain the strength. So of course it's not this big this is just a model of it but printed off, took it over there and was able to get the plane up the ramp, these ramps, and into the hangers. So a lot of custom applications that you just maybe can't find a solution in the store for.

Speaker 3:

So that's really cool, and when you first started this, Matt, I recall and this probably applicable for Nick you made some cat toys.

Speaker 4:

I was waiting to say it. I knew Matt spends most of his time printing cat toys.

Speaker 2:

Yeah, you know I discovered that my cats the first cat I've ever had, but our family here with now having kids have ever had was, you know finally broke down and got a cat for the family, and so we noticed that the cat really enjoyed springy material, kind of like the filament that's used in 3D printing. That might touch on here in a little bit. And so I'm like you know how can we give, you know, create a fun toy for people to download online for free and, you know, put on, maybe like on their refrigerator that a cat can come by and just play with. And so created this little custom figure.

Speaker 2:

Looks kind of like a little person here with the holding, maybe like a fishing rod. It's got a little hole in it and it's designed to just take the raw filament for 3d printers. You just put it through the hands and bend it and it just hangs out the hands and they just has a springy type of, you know, flexibility to it and the cats will just come by and play with it all day long. It's it's yeah again, did it really save me a lot of time in life, but it was still fun to engineer something like this and give some good entertainment to, I guess, the cat and the rest of the kids watching the cat play with it.

Speaker 3:

So Nick, do you think mr Miyagi would like that I?

Speaker 4:

Think the cat would love that. So, man, you, you're, probably, you're kind of like a pioneer in this space. You're, you're, you're finding things that have a problem. You're in, you're fixing it on your own, You're not relying on other people to build you things.

Speaker 2:

Yeah, um, I think this goes back to like what I was saying before. You know that engineering and architecting mindset it's fun to find solutions to problems like this, and so there are a lot of great websites out there like Thingiverse, comm and printables comm. That has a lot of, you know, pioneers or engineering mindsets that want to Show the world a Solutions to problems that they found or just, I guess, fun. You know trinkets in general that you can go down, go out to those websites and download those models for free and print them off. There are different Licenses that people might put on their models to kind of help protect their intellectual property of their custom designs or Original ideas that they made, but a lot of it's To. Some of them don't care if you print them off and sell them, you know, as part of your own company or on a different friends and family.

Speaker 2:

So, yeah, I've posted a few things out there on printables. You can find me at at Crossman Under printables. That's my profile and there's some examples out there, some custom things that I've made to. You know, just share with the world, for if people have a particular product that I've that I've purchased and found a fun Solution for, to help save them some time or money I put out there for them to download and Print.

Speaker 2:

It does take some time and energy to make those things and you want to use a Particularly like cadding soft for, either like tinker cat, which is a very, I would say, beginner type of cadding software, but it has its pros and cons compared to even a full-blown professional kind of software Like a fusion Autodesk fusion 360 or even like an open source free CAD. Because if you, if the object that you're trying to make only has a few simple shapes, tinker cad makes sense because they give you the shape right there and you can stretch it, slip it down and even cut out sections out of it. But again it's like using basic shapes like a cylinder, sphere or squares. But then if you want to start getting into some really crazy engineering task where you're making gears, you know like almost like engine style type Engineering, that's where you know tinker cad Is gonna fall short real quick Mac.

Speaker 3:

Can you talk about the different types of 3d printers? Right, there's a kind of one, that that it's like dipped in in the stuff, and then there's another one that uses the Filaments, so maybe different applications of why you'd use one over the other.

Speaker 2:

Yeah, so the, the two main Ones that are out there are the. It's called the SLA, I think it's stereolithography, that's what that stands for and then FDM, which is fused deposition modeling. Fdm is where that takes a spool of filament. So for example, right here that I have, I'm showing here, it's about a, it's one kilogram spool, the materials about 1.75 millimeter stick, and it. It runs that down into a hot end, they call it, heats up the material into a liquid, and then you have a motorized head that prints or makes, layer by layer, your object. So you know, for example, looking going back to this ube key Holder again, it's hard to see on the camera here and With the details of all the little lines, but I think from looking at this, there's probably about 20 different layers of material to make this and so it just puts down layer by layer.

Speaker 2:

Where the SLA is is a little different, in which it uses like a small tub, like a. When I say a small tub, like a, I'm gonna say maybe six inches wide by, maybe a foot long and Maybe eight inches deep. Fair, there can be varying sizes, but just to give you a general idea of that. And then it's a liquid, the, the material inside that is liquid, and then there's a plate that starts at the bottom of that liquid and slowly pulls up, while there's an ultraviolet light shining across the plate and that liquid to Harden the material. So it's almost looks like something out of terminator two. You know something getting created being pulled slowly out of this bath and you see the object on there. Now why the differences? Well, using that SLA there are the details are it looks like if it was the object that was created, as If it was forged like in a casing, something that you'd buy at the store, you know, like Looking at like a Microsoft sculpt mouse like this. It's so perfectly smooth. The plastic it came out of a mold and that's what that SLA looks like too when you print things, and it's really good for extreme details.

Speaker 2:

Now, from what I understand, it hasn't caught up, though, with the different levels of material that exists. So, compared to FDM. So with FDM you have I Don't know if there are so many ABS plastics, pet G PLA. Some of that PLA is reinforced with wood, so, like this one here that I have, this this Is brown spool. This is actually has 25% wood fibers in it, so that way you can Sand it down and stain it like real wood I have.

Speaker 2:

There's other materials here. That's a shiny silk material, lomeless, looks metallic, then there's even glow in the dark materials. So there's a lot of, I think, a wider selection on the FDM and it's also less cleanup. You don't have to wash out a tub to put a new color in. You can print multiple colors at different layers. So some something like the printer behind me here you can see there's a spool up on this. I've got room for another spool on here and some of these FDM printers have multiple heads so you can configure the 3d printed object to say, hey, print blue at the first ten layers, then read at this next set of layers so you can get different colors involved.

Speaker 4:

I have a 3d printer as well. They're a little bit different, right? So just maybe you know what's your take on an enclosed 3d printer versus one that's enclosed, like, specifically, mine is a bamboo labs and and it's enclosed right, has a door, glass top, glass front, but there's sides. Is there a plus to that versus versus not being enclosed? Ah, definitely.

Speaker 2:

I guess it depends on the type of applications that you're gonna use. You know to print, so you know. One of the reasons why I went with this open one, which is a Prusa MK4 Part of that is because I wanted to do some of this 3d printing for some small business type stuff, and so it has a lot of the parts on this that you can see here in orange Is all 3d printed. So Prusa 3d prints their own printers. There are a lot of pieces on this printer that aren't 3d printed, but they try to do it, you know, to save manufacturing costs from going from to a third party and also to show that, look, these types of printers handle a lot of stress. Lots of it's just constantly printing themselves, so they're self replicating in a way, and so if there's a part that's broken on here, well, hopefully I had the forethought to 3D print some of these parts ahead of time. You know that makes it easier to get to and fix.

Speaker 2:

Now, what's the downside?

Speaker 2:

So you're talking about you have more of an enclosed printer that isn't as maybe, as I would say, customizable.

Speaker 2:

The pro to the your enclosed printers that there are certain materials, for example, nylon or maybe even carbon fiber that takes a high amount of heat to find that melting point, and any bit of outside air Even if it's 75, 80 degrees in your house that little bit of outside air can impact that material as it's extruding out of the hot end and it can cause it to start to warp, not adhere to the bed, and so having that enclosure allows that heat to stay trapped in there without getting that outside air to impact it.

Speaker 2:

And so it starts to increase your different applications. But then if there's an issue with your printer and you're trying to sell, or you got maybe an order coming in and you're trying to get out, so many orders, some of those enclosed printers are a little bit harder to fix and time consuming, where with this open one it's easier to get to but I might not have the same applications that I can print with. But I can always add an enclosure to this, buy one later that you can build around it and easily take off and get to the printer's parts to fix.

Speaker 4:

So and I'll go back to your printer there. You sent a video to me of the company right and it's an awesome video to hear about their journey and how they're using a print farm to print the printers and they send them out and you can get it in kind of two configurations right, it comes put together or, if you've maybe got a screw loose in your own head, you'll get it dismantled and you put it together. And I know you got it dismantled and you sent me pictures putting it together of a mess in the office putting it together. How long did it take you End up taking you to get that guy together?

Speaker 2:

Yeah, you're right, I'm one of those that had a screw loose and I had lots of screws loose all over my floor too. I part of that was, like I was saying before, because of being able to understand how to fix it and repair it. I wanted to take that opportunity to understand how all the parts go together. So if I ever had a down printer, I have a general idea of how that was built and put together. So I was one of those that decided to put it all together.

Speaker 2:

I had my entire office was littered parts all over the floor, I mean every screw, every rod it was. I don't know there had have been maybe I'm shooting high here, but it felt like 700 pieces or more and of course I had to connect all of the electronic boards, hook all the electronic boards, run all the wiring, clamp down all the wires appropriately, connect the power supply. I mean it was like kind of 1970s garage style computing where you're putting every piece together. It was. It took me, you know, close to, I would say, a month and a half, spending maybe a couple of hours a night, and you even made it better than a that I came out of the box.

Speaker 4:

Yeah, I actually did.

Speaker 2:

I did do some tweaks to it to reinforce certain areas so it wouldn't snap off the Crossmember that sits above the frame on there.

Speaker 4:

You were touching on the filament coming down into the device or the printer on top of there, what first off, what is on there? And then, secondly, you know, I think and this is my limited knowledge in 3d printing or compared to yours One of the things that can plague, you know, let's say PLA, is humidity, right. So different environments, you could have different issues. It could lead to printing issues. You know, during and after the after effect, are you doing anything to you know? Are you storing, let's say you're, you're filament in a special way?

Speaker 2:

Yeah, humidity is a big part. So for example and I shown you kind of that wood filament you know humidity and wood not the greatest combination Of things, but yeah, for example humidity plays such a big part that you want to store those like in some sort of bag To kind of keep that from that humidity from hitting it. So for example, here I've got just good old one gallon bags and you got those, you know, silica packets, gel packets, yeah, yeah, from any you know Product that you buy that they want to keep, you know, dry as much as possible. So I save those. So then every spool I just throw in and when I'm done with it to kind of keep it as dry as possible.

Speaker 2:

But even then you know, even just sitting out on the rack like this for a long period of time, that humidity can affect it. And so a lot of the 3d printing manufacturers out there have their own what they call dryer boxes. They're filament dryer boxes. So it's just you stick the filament in it and it's got heating coils all around and usually and sometimes a fan to help circulate the air and they have presets for the different types of material to help dry it out. And even Scott, even like a, was a humidist at I think it. You know it shows you the humidity level in there and so you kind of know how dry it is at once it's finished or if you want to throw some more time on there to get it down to a certain percentage. But I've had filament sitting out for a year and a half Without in a bag and it got very brittle and it just blobbed a lot and so I threw it in there for Maybe six hours, came out it was almost like brand new again.

Speaker 3:

Josh, what are you seeing in the music industry for 3d printed things? Imagine things like guitar picks or even that recorder that we got in third grade to play hot cross buns. You could probably print print.

Speaker 1:

I Personally haven't seen any anything show up on the market. You know, picks and things of that nature are usually stamped out or Pretty, probably a little more simple to make, and the typical Subtractive manufacturing that brings up a good point. You know this has been called additive Manufacturing, where we're adding layers of material to create an object, Whereas you know if you're thinking about, you know maybe metal work or woodwork, that's more of a subtractive type of manufacturing where we're taking away pieces of a larger piece to create something new, other than fun little studio things.

Speaker 1:

It occurred to me as I was preparing for this that I did have a 3d printed toy in my studio. So this is a vibey little thing that you know Gives me a little inspiration. I think it's a lithograph printed moon mat. Is that what the material would be called?

Speaker 2:

Yeah, well, yeah, it's probably the material. It would be maybe a PLA material, but the the the the term you're looking for that Gives that effect is called a litho fame.

Speaker 1:

A litho fame, yeah. And then you had shared something that you had had at the last game night as well a photo of your family which was pretty, pretty detailed. Once you get a light behind it, this brings up a good point. You know, I think it's we're on the cusp of this becoming ubiquitous across, you know, all of our lives. Whether you're a tech nerd or not, I feel like 3d printing is kind of on the verge, maybe where AI was five years ago or pre-pandemic Pre-pandemic before it really started becoming used in our everyday life.

Speaker 1:

Just doing some research for the show, you know, it occurred to me having conversations with nick and matt. You know they're using these in dentist's office to to produce, you know, the Invisalign braces. That's also provided. You know, quick and fast prototyping for manufacturing. It's also created an opportunity for these businesses to create localized products and and optimize supply chains. You know, which is something I hadn't really thought of. So instead of you know loading up a truck full of gear and Dropping it off across the region and having having a supply chain issues, you know Something we can be sharing, open source or otherwise, online and and having businesses and manufacturing printing these parts in-house, so that we're kind of mitigating the amount of maybe carbon footprint or whatever your concern is, or cost even.

Speaker 1:

Also, you know, customization of niche products or customization of products that you might require to get a job done, like matt displayed with his spool guide there. I think that's just a big opportunity and I'm excited to see what creative people bring to the table when we're customizing and and creating open source options for people to solve problems. Also, reduced, reduced waste, you know, with the additive manufacturing, you know you're not having all that fallout material from. You know the subtractive manufacturing process and you know as we try to optimize, you know our lives and you know make space for more people on the planet and and utilize resources in a more efficient way. I think 3d printing will go a long way towards those goals and and just maybe even enhancing the material strength or the flexibility of performance of materials that we already have out there We've had. Have you guys thought of any of the other rewards that might be cropping up or advancements in this technology that you've seen and In your life.

Speaker 3:

Yeah, they're doing houses these days too, they're 3d printing houses. They started 3d printing organs, I believe, and I think there's a technology where they're looking at potentially 3d printing skin for burn victims, things like that. So lots of advancements in the the medical Industry and industry as well, from what I saw and it's and it's going.

Speaker 2:

This goes back a lot Ways back to Eric, so you know it. It seems to be finally maybe hitting more mainstream these days with that and, and partially that's because Going back to what you're just saying, josh with it we're seeing it, you know, show up in so many different other corners of life from a dentist office. The explosion the last 10, 15 years is is because of the. The patent ran out into the or the went public. Fdm patents became public domain in 2009.

Speaker 2:

So you know, 3d printing has been around for 30 years roughly, but it was owned by mostly by a company, stratasys, and, and so once that patent release boom, the markets just exploded. So that's why you start to see this now in every home and corner office and everything you can find and and but. So going back to your comment, though, eric, about the you know, 3d printing body parts it, looking here, from what I had documented, it's 1999 was the first 3d printed bladder and it was made at Wake Forest. So going back to 1999 even, and then 2008, the first 3d printed prosthetic leg. So you know we're going already 20 plus years ago and it's gonna just explode from here, just like you're saying, josh, with AI it.

Speaker 1:

I think it's gonna slowly, you know, creep into our lives. Like I just noticed, I had this, this little toy, here in my studio. I think it's gonna creep in and, before you know it, things that you don't even think of are going to be 3d printed, and they probably Already are to a large extent. That's some of the rewards, you know, but I'd like to shift the focus on to some of the risks and how this relates to cyber security. You know, as we were kind of approaching this topic turns out, there's quite a bit of crossover and Quite a bit of study, whether it's with think tanks or organizations like it, audit labs that are starting to see some of these risks on the horizon. Where it, when it comes to intellectual property or, you know, the integrity of a part that might be used in the manufacturing process, I mean, the mind goes wild thinking of all the ways that this could, you know, potentially show up as an exploitation in our lives. But is that something you guys have thought of or talked about or started to learn about?

Speaker 3:

Sure, yeah Well, when we think about that and we think about skater environments or industrial control environments, we typically see those separated from the rest of the organizations, corporate environments, and the same would hold true here, and working at a company like SpaceX and you're producing highly scientific parts that are Going to be in extreme environments, you don't want to introduce any sort of Thing that's outside of your span of control or outside of your direct influence. So having the 3d printed materials that you're using in in your production environment on a separate, separate network, separate data environments, would be something that you would really want to have control over. But but I think that just goes along with other industry that we've seen, where we Organizations will have those separate Industrial control environments.

Speaker 4:

I think there's a lot of a risk with this and I was doing some thinking on my own. You know, how is this gonna affect us coming up with future? I don't think necessarily the actual what we print is gonna be the issue. Right, that's not the cyber security risk. The actual device is the cyber security risk, right? Right, we have all these things in manufacturing.

Speaker 4:

Right, they're making things much easier, much quicker, and, you know, if it's a, let's say, a smaller organization, maybe they're not spending as much time on quality control, right, so they might miss issues that have been. You know, let's say, they're. They made a change to a file before close to the printer, right, maybe there was some malicious Whatever was added or it was changed. Right now, as Matt was explaining the layers of the print, right, maybe they made a little bit of a space or an extra space, so the layers have a distance, a greater distance between the two of them and and now you have and then less rigidity, right, the parts aren't as strong. And wherever those parts are going, right, they, they got a lot of parts.

Speaker 4:

Before they weren't an issue, now they are, so you could have issues breaking what have you? So to to Eric's point. Yeah, I mean there's a lot of issues what I was just talking about. But the actual device to me is the issue where Eric was saying put another network. To me the conversation is, you know, treating these as basically an IOT device, right, segregate them, how to treat them as that, and you know, limited access to to the network and Nick to, you know when you're talking about kind of those those types of risks of being an IOT device out.

Speaker 2:

You know, from the manufacturing world, devices like this Not 3d printing, but have been around for a while cnc machines.

Speaker 2:

And so you have big, you know manufacturing lines where people are taking intellectual property on a you know CAD style 3d file, uploading it to the machine. And you have, the machine is working it. Now how are they uploading it? Is it, you know, physically, walking over there with a USB or some SD card whatever, or is it most likely networked to make, you know, to keep things efficient and going, and so so cnc machines been around for a long time. So that risk has always been there. But I think, going back to what now 3d printers, is that now it's much more accessible, you know, to get this type of manufacturing and you have so many different organizations or different companies that Didn't have that manufacturing mindset but they want to make something to help maybe their company or lives out and they don't realize what the level of risk now they're introducing into their network or in their lives because that's something that's new to them. So you know for, historically speaking, a lot of those types of manufacturing companies.

Speaker 2:

They're gonna understand that risk, the intellectual property that's being stored, maybe communicating back to the internet, wherever it might be, but what we're seeing is that the attack, the attack surface is just growing. So the the same type of risk has existed with these types of devices or form of these devices. But now, with everyone, just, oh, let's get this and let's start making parts for our you know, squad cars, or let's make some you know these dental you know and visit line Pieces for your you know your teeth and stuff, and so it's. And not realizing that, oh, the, the dental office Just threw it right on the network with the rest of the other computers are connecting to the internet, and it's, it's.

Speaker 2:

It's not that that device itself may be created risk for the other devices, it's, but it's the other way around. Is that now those devices connecting to the internet their laptops or workstations actually created risk for the 3d printer as well? Because they didn't realize that when they're printing their stuff, being cash on their, stored on there, it's something's got default credentials, and so, while they might have been using a piece of software that was protected, you know, from a malicious actor maybe gaining access to those files on the local computer Maybe it was an, you know, an appropriate environment or space. But as soon as they hit print or upload, now it's on this IOT not, you know, not always the best security controls in the world Installed on there to look for malicious activity and they used admin admin to connect to the web console on the device and now stake inter-electual property A few years ago we saw there was a theoretical attack against pacemakers where if you were in close enough proximity to the pacemaker, if you had the right equipment, you could influence that pacemaker, and maliciously.

Speaker 3:

So, as 3d printing gets more sophisticated and you're taking and combining multiple mediums, when we talk about things like creating an organ, different tissues, maybe even introducing technology into the organ down the road, I do think there's a real risk there as far as having complete end-to-end control of that production process and not only knowing exactly what materials are going into it but how that technology interfaces with that organ or whatever it would be called, so that you reduce the risk of a malicious actor being able to take control of that device post implementation.

Speaker 1:

For people that might be getting into 3d printing, whether it's personal or an organization. How would someone like IT audit labs or organization like IT audit labs help 3d printing manufacturer kind of safeguard their IP or their production floor from that being a vector for a cyber attack or even like a dentist office, being an entry point for a larger cyber attack?

Speaker 3:

I think in some cases and Nick and Matt might have some other ideas but really just taking that risk-based approach of what's the data that needs to be protected and how is that data moving into, through or out of the organization.

Speaker 4:

Yeah, I would agree. I think you know when we're doing these reviews. You know it generally stays the same because at the end of the day, we could either start with code review. We can review that before. Right, it's going to a machine. Right, if it's a big manufacturing company, you could do a penetration test and just continue to make sure the organization is taking steps to protect themselves, you know, from any sort of attack. You know before it gets to, let's say, the 3d printer. But, matt, you probably would go even a lot deeper than that.

Speaker 2:

Yeah, you know I'd look at, you know how. Again, how critical is some of the 3d printing? You know the type of data and so if you're segmenting, you know the network into its own IoT devices and you know what. Taking a look at, you know least privileged model, finding out what. You know what are the permissions needed to upload, download to. You know the type of network connectivity. It really comes down to the type of data.

Speaker 2:

I think you know and that's how you got to. You know evaluate your risk and again, if it's, you know highly. You know if the intellectual property is something highly secretive, you definitely got to. You know, look at, okay, how do we want to adjust our network and configure it to one, make sure we are operating efficiently, to where security doesn't choke the life out of operations, and then vice versa, you know if you get security two week, then you've increased your risk. So it's just finding that fine balance to how can the business you know successfully operate securely, and that's there's always going to be that give and take between the security and operation side. But I think it just really comes down to the type of data that you're working with and what type of you know risk you're willing to accept.

Speaker 3:

And Josh, you know, as we look at the future, I think things are.

Speaker 3:

They're already changing. They're already changing really fast, but with the introduction of mainstream AI or generative AI and where we are today and as those tools continue to improve 3D printing improves I think we're going to see the machine to machine interactions over the next 25 years or so where they're using blockchain and smart contracts to enter with each other, autonomously make decisions, build things that they think they need to perform a function, all based on high level design concepts that they're given. I don't think we're there yet in the mainstream, but that's definitely on the table being discussed. So that will definitely require cybersecurity, data security, intellectual security, all built into those models, and how we secure that in the future is really going to be a paradigm shift, because we won't be able to actually be hands on and look into all of those environments where you're essentially trusting the automation and the robotics and the technology that we're using to perform some of those based on guidelines that humans or other machines have given them. So kind of a futuristic topic, but certainly one that's pretty interesting and not far away.

Speaker 2:

I think I got a good vision with that, and it has to do with the word Skynet. You know what you're going to have Skynet AI. It's pulling T2 right out of the bath, the titanium bath, and 3D printers and AI.

Speaker 4:

Here we go, we're there Well yeah, that's the scary thing, man, is that? And it really, to me it's kind of a parallel with that, because we truly have an uncapped market. We, in 10 years, we could have be having a totally different conversation 15 years, right, and and and change the security strategy, right, as it has any technology that this conversation is going to keep happening. You know, you might even change every six months now as a new printer comes out or a new technology for that printer, right, whatever have you, but the conversation is certainly going to continue to go as the technology changes.

Speaker 2:

Yeah, it's gonna be fascinating to see how AI and 3D printing work together. Not to be doomsday joke there, you know I made a Skynet but it was just kind of like a you know with how creative AI creative or how it seems to be creative, you know where it shows these paintings or videos or deep fakes or whatever it's doing, but just with that type of modeling it's able to do create a. You know, all right, siri, create me a. You know you be key holder, that's this size, distance, whatever. And then the AI all of a sudden boom, created the STL 3D image for you and then automatically kicked it over with automation to your 3D printer. Yeah, you know, is it going to get down to that point? And I don't know. It's exciting, scary, all sorts of emotions and feelings all at the same time. But I think there's some pretty neat stuff there between what AI and 3D printing could do, assuming T2 doesn't come out of the bath.

Speaker 3:

I saw an interesting implementation of 3D printing where someone had programmed a 3D printer to do some handwriting right I think it was around Instead of typing out a homework assignment, it was handwriting the homework assignment, which was pretty interesting. But I think the kind of cool cyber security crossover there would be taking a picture of someone's signature and then being able to use AI to model that signature and reproduce that on a 3D printer Before we leave.

Speaker 4:

if somebody wants to get into 3D printing right now, what should they do? Is there like a printer that's relatively inexpensive, or something that they should do, or a printer that they should get to get into it?

Speaker 2:

Yeah, it's. You know the printing world right now is kind of a. There's so many manufacturers and so many different types out there. You know good old YouTube. I would do some digging in research on the YouTube to find kind of what your interests are. But you know some of the brands that come to mind.

Speaker 2:

For you know a very simple, almost point and click print kind of 2D style it's becoming. As you know, bamboo labs is a really good one and the quality has some higher end ones. But you know, I would take a look at those spaces and not to not to not to prouche it by any means, because I own one that's definitely one to consider, but I would say, you know, take a look at those three companies. But you know, do your own research on YouTube and kind of what you can find as to you know the simplest approach. But those printers are getting close to just good old 2D printing, because a couple years ago, just only two years ago, I had to use a piece of paper to level the thing and you had to manually switch out stuff and there's a lot more automation behind these printers now and for a very limited cost of between 300 and 600 bucks for a pretty Automated printer now.

Speaker 4:

Yeah, thanks for that, man. What it did is allow somebody like myself that might not be a pioneer in the space to to get one in. And you know, do what I do whatever I want print. You know all kinds of things that you know guys like you have done already, so I sure I'm enjoying it. Matt, what's your next printer? Yeah, just finished printing the one behind me, or printing.

Speaker 2:

I think you know I'd probably look at something with multiple print heads and multiple colors. You know can do multiple colors and it's in close. So as much as I like my Prusa and you know, ease the fixability behind it, I guess, unless they're coming out with something like that, I'm probably looking at one of the higher end realities or bamboo labs that has that multi color and multi head kind of print aspect to it. What about you, nick?

Speaker 4:

I'm set up here. You know, with the one I got, I have a bamboo labs P1s and it isn't closed. And then, honestly, this, when I set out and I blame my whole 3d printing endeavors on on Matt he's the one that peer pressured me into this, this hobby, and it is awesome. So I'm happy with this one because it it's as close as you can get to plug-and-play, right. I got it, took out of the box. I think I was printing in, let's say, 15 minutes, right, and I can see it's got a mobile app. You can take a file, put it on there, boom, you send it to the printer and it's going and it's quiet and it's really fast. So, unless something crazy comes out, changes in the technology of this one, it does everything I needed to do.

Speaker 2:

Yeah, he was showing me 10 pounds of material he had already printed by the time I got, maybe, my plate.

Speaker 4:

Yeah, so there's a couple ways to go about it, but yeah, there's certainly not a wrong one, and if anybody wants to get into it, I say go for it. Get yourself a printer and, and you know, get into the hobby, start making things for yourself and and see where it goes.

Speaker 1:

Alright, guys. Well, thank you so much for your time today. As always, it's been a it's been a stimulating and thought-provoking conversation. You've been listening to Myself, joshua Schmidt, eric Brown, nick Mellum and Matt Starlin IT audit labs. You're listening to the audit. We hope you join us for our next episode. Stay in touch.

Speaker 3:

You have been listening to the audit presented by IT audit labs. We are experts at assessing risk and compliance, while providing administrative and technical controls to improve our clients data security. Our threat assessments find the soft spots before the bad guys do, identifying likelihood and impact, or our security control assessments rank the level of maturity relative to the size of your organization. Thanks to our devoted listeners and followers, as well as our producer, joshua J Schmidt, and our audio video editor, cameron Hill, you can stay up to date on the latest cybersecurity topics by giving us a like and a follow on our socials and and subscribing to this podcast on Apple, spotify or wherever you source your security content.